Hasp – Local Secret Broker


hasp · model 01 · spec sheet

HASP core specifications

Spec 01

11 encodings

Streaming output redactor

Raw, base64-std, base64-url, base32, hex (lower & upper), URL-encoded, JSON-escaped, HTML entity, double-percent, Unicode escape. Marker tokens preserve line counts.
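The Spec 01 redactor, as an added Python example that is not hasp's own code: it derives every encoded form of each managed value, masks all of them in one pass per line, and uses a marker with no newline so the line count is preserved. The marker text, the sample value and the log lines are constructed for this illustration.

```python
import base64, html, json, re
from urllib.parse import quote

MARKER = "[hasp:redacted]"  # constructed marker token; hasp's real token is not shown on the page

def encoded_forms(value):
    """Return the raw value plus the encodings listed in Spec 01 (hex in both cases)."""
    raw = value.encode()
    b64url = base64.urlsafe_b64encode(raw).decode()
    pct = quote(value, safe="")
    return {
        value,                                        # raw
        base64.b64encode(raw).decode(),               # base64-std
        b64url, b64url.rstrip("="),                   # base64-url, padded and unpadded
        base64.b32encode(raw).decode(),               # base32
        raw.hex(), raw.hex().upper(),                 # hex lower and upper
        pct,                                          # URL-encoded
        json.dumps(value)[1:-1],                      # JSON-escaped (surrounding quotes dropped)
        html.escape(value, quote=True),               # HTML entity, named form
        "".join(f"&#{ord(c)};" for c in value),       # HTML entity, numeric form
        quote(pct, safe=""),                          # double-percent
        "".join(f"\\u{ord(c):04x}" for c in value),   # Unicode escape
    }

def build_pattern(values):
    """One regex over every form of every managed value, longest alternative first,
    so a padded or longer form is masked whole rather than left partially visible."""
    forms = set().union(*(encoded_forms(v) for v in values))
    alts = sorted(forms, key=len, reverse=True)
    return re.compile("|".join(re.escape(f) for f in alts))

def redact_stream(lines, values):
    """Yield exactly one output line per input line; the marker has no newline,
    so line counts survive and line-oriented log parsers still work."""
    pat = build_pattern(values) if values else None
    for line in lines:
        yield pat.sub(MARKER, line) if pat else line

# Constructed sample: one managed value seen raw, base64 and hex, plus a clean line.
SECRETS = ["pk_live_s3cr3t"]
SAMPLE_LOG = [
    "GET /v1/charges?key=pk_live_s3cr3t 200",
    "Authorization: Bearer cGtfbGl2ZV9zM2NyM3Q=",
    "debug: key bytes 706b5f6c6976655f733363723374",
    "build finished in 3.2s",
]
```

Very short secrets produce short encoded forms that can over-match unrelated text, so a production redactor would also enforce a minimum value length.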

Spec 02

24h

Hard grant ceiling

Once · session · window. Window accepts durations like 15m or 1h. The 24-hour ceiling is enforced inside the daemon. No policy can lift it.

Spec 03

6+1

First-class agent profiles

claude-code, codex-cli, cursor, aider, hermes, openclaw. A generic profile covers anything else that speaks MCP or runs a CLI.

Spec 04

0 cloud

Local-first, end to end

No account. No control plane. Telemetry stays off unless you explicitly opt in. Works on a plane, in a SCIF, on a laptop with no network. Source-available critical path. Signed release with SBOM & SLSA.

Surface · the actual product, in three nouns

Noun 01 · Vault

One personal encrypted local store under your home directory. Argon2id with memory-hard parameters (64 MB · 3 iterations · 4 lanes). AEAD encryption at rest. All your secrets live here once.

Noun 02 · Apps

Normal applications you connect to the vault: your dev server, your data tool, your CLI. After connecting, you launch them by name and the right values are present. Three delivery modes: env var, temp file 0600, temp dotenv outside the repo.

Noun 03 · Agents

Coding agents you connect to the vault. After connecting, the agent works through hasp instead of around it. MCP tool surface returns references and metadata, not values. The agent never reads the value.

Setup is explicit, once. Runtime is invisible, every time after.

Features · the whole local broker, organized by job

01 · System model

One local trust boundary, four moving parts.

HASP stays small on purpose: secrets live in one encrypted vault, repo roots define where they may be used, repo targets choose the workflow subset, apps and agents connect once, and short-lived grants deliver values only to a specific brokered run.

Vault · Encrypted local store of named secrets under HASP_HOME.

Repo · A bound project root plus optional value-free targets for workflow-specific delivery.

Agent · A connected app or coding agent that gets brokered access.

Grant · Short-lived, scoped permission to deliver a secret to one run.

Start and prove · Guided setup, repo bootstrap, first vault creation, health diagnosis, and the brokered first-proof check. (setup · bootstrap · init · doctor · proof)

Keep secrets named · Add, import, capture, update, reveal, copy, expose, and hide values without turning them into loose project files. (secret · import · set · capture)

Bind the repo edge · Project roots become policy boundaries. Inspect requirements, list targets, adopt repos, unbind stale ones, and scan for leaked managed values. (project · check-repo)

Run without revealing · Resolve env and file refs at exec time, or expand a manifest target. Convenience env files exist, but only as an explicit operator request. (run · inject · write-env)

Apps and agents · Connect app profiles and coding-agent profiles once. MCP and CLI surfaces return references and metadata, not secret values. (app · agent · mcp)

Lock, backup, restore · Lock session material, export encrypted backups, and restore a vault without making recovery a plaintext workflow. (vault · export-backup · restore-backup)

Runtime and grants · Start or inspect the daemon, open or revoke broker sessions, check reachability, and see current vault and daemon state. (daemon · session · status · ping)

Evidence and maintenance · Print audit history, upgrade signed releases, generate completions and docs, report versions, and keep the deprecated TUI path visible. (audit · upgrade · completion · docs · version · tui)

Outcomes · what stops being your problem

Mechanism

What it actually does

What you stop having to think about

Brokered run (hasp run · hasp inject)

Secrets injected into the child process at exec. The agent never enters the value into its context window or any readable surface.

You let the agent run while you make coffee, take a meeting, or sleep.

Process-tree-bound grant (once · session · window)

Only the process tree the agent launched can use the grant. Hard 24-hour ceiling no policy can lift.

One bad day stops being a permanent breach.

Repo guardrails (scan · pre-commit · pre-push · deploy wrapper)

Managed values are caught before they reach a commit, a push, or a deploy. Audited override for the rare case you need to ship a flagged file.

You let the agent edit files without proofreading every diff like a hawk.

Streaming redactor across 11 encodings

Every encoded form of every managed value is masked in real time. Markers preserve line counts so logs still parse.

The traceback you copy-pasted into Slack is safe to send.

One vault, many apps (launcher on PATH)

After hasp app connect , you type . Rotation is one operation, not a search-and-replace.

You get back the half hour you lost every time you booted a project.

Append-only audit (chained-hash HMAC)

Every grant, reveal, and brokered...
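The chained-hash HMAC audit log, as an added Python example that is not hasp's code: each entry's tag is an HMAC over the previous entry's tag and the event, so an edit, a swap or a mid-log deletion breaks verification. A remembered head tag is assumed here to catch trailing truncation, which a chain alone cannot detect; the key and event fields are constructed and are not hasp's real schema.

```python
import hashlib
import hmac
import json

GENESIS = "0" * 64  # "previous" link for the first entry

def _canon(event):
    """Canonical JSON so the same event always hashes the same way."""
    return json.dumps(event, sort_keys=True, separators=(",", ":")).encode()

def append_entry(log, key, event):
    """Append one audit event; its tag is HMAC-SHA256(key, prev_tag || event)."""
    prev = log[-1]["tag"] if log else GENESIS
    tag = hmac.new(key, prev.encode() + _canon(event), hashlib.sha256).hexdigest()
    log.append({"prev": prev, "event": event, "tag": tag})
    return tag

def verify_chain(log, key, expected_head=None):
    """Return (ok, index): index is the first bad entry, or len(log) when all pass.
    Edits, swaps and mid-log deletions break the chain; a dropped tail does not,
    which is why a verifier keeps the last tag it saw and passes it as expected_head."""
    prev = GENESIS
    for i, entry in enumerate(log):
        expect = hmac.new(key, prev.encode() + _canon(entry["event"]), hashlib.sha256).hexdigest()
        if entry["prev"] != prev or not hmac.compare_digest(entry["tag"], expect):
            return False, i
        prev = entry["tag"]
    if expected_head is not None and prev != expected_head:
        return False, len(log)  # chain is internally consistent but shorter than last seen
    return True, len(log)

# Constructed sample events; field names are illustrative only.
SAMPLE_EVENTS = [
    {"op": "grant", "secret": "STRIPE_KEY", "mode": "window", "ttl": "15m"},
    {"op": "run", "app": "devserver", "secret": "STRIPE_KEY"},
    {"op": "reveal", "secret": "STRIPE_KEY"},
]

def build_sample_log(key):
    log = []
    for event in SAMPLE_EVENTS:
        append_entry(log, key, event)
    return log
```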

